Claims 

What is claimed is: 

1 . A method for secure mutual authentication comprising the steps of: 
authenticating a customer at a first web site; 

receiving a selection from said customer at said first web site requiring transfer to a 
second web site; 

generating an authentication message for said customer at said first web site, said 
authentication message devoid of intelligent information of said customer; and 

transferring said authentication message from said first web site to said second web site 
for authentication of said customer by said second web site. 

2. The method of claim 1, wherein the step of generating an authentication message 
comprises incorporating a customer pseudonym into said authentication message, said customer 
pseudonym uniquely identifying said customer and devoid of intelligent information of said 
customer. 

3 . The method of claim 2, wherein the step of generating an authentication message 
ftirther comprises randomly generating said customer pseudonym. 

4. The method of claim 2, wherein the step of generating an authentication message 
fiirther comprises incorporating a date/time stamp, a partner name and an optional uniform 
resource locator (URL) with a return address for said first web site into said authentication 
message. 
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5. The method of claim 1, wherein the step of generating an authentication message 
comprises incorporating a source identifier, a date/time stamp, an optional return URL, a 
customer pseudonym, a cryptographic key, a transaction identification and authenticated data for 
the first web site into said authentication message. 

6. The method of claim 5, wherein said authenticated data comprises said date/time 
stamp, said optional return URL, said customer pseudonym, said transaction identification, and a 
partner name. 

7. The method of claim 1, fiirther comprising the step of authenticating said 
customer at said second web site using said authentication message generated by said first web 
site. 

8. A computer for performing the method of claim 1 . 

9. A computer-readable medium having software for performing the method of 
claim 1. 

10. A method for secure mutual authentication comprising the steps of: 
receiving at a second web site an authentication message for a customer from a first web 

site, said customer previously authenticated by said first web site, said authentication message 
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generated by said first web site, said authientication message devoid of intelligent information of 
said customer; and 

authenticating said customer at said second web site using said authentication message 
generated by said first web site. 

11. The method of claim 10, wherein the step of authenticating said customer at said 
second web site occurs when said customer has previously visited said second web site, and 
further comprising the step of prompting said customer to log in to said second web site when 
said customer has not previously visited said second web site. 

12. The method of claim 10, wherein said authentication message comprises a 
uniform resource locator (URL) with a retum address for said first web site, and further 
comprising the step of returning said customer from said second web site to said first web site 
using said URL without fiirther authentication by said first web site. 

13. The method of claim 10, further comprising the step of generating said 
authentication message for said customer at said first web site. 

14. A computer for performing the method of claim 1 0. 

15. A computer-readable medium having software for performing the method of 
claim 10. 
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16. A computer system for secure mutual authentication comprising a first web site 
and a second web site; 

said first web site to authenticate a customer, receive a selection from said customer 
requiring transfer to said second web site, generate an authentication message, and transfer said 
authentication message from said first web site to said second web site, said authentication 
message devoid of intelligent information of said customer; and 

said second web site to receive said authentication message for said customer from said 
first web site and authenticate said customer using said authentication message generated by said 
first web site. 
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